IN THE CLAIMS : 

Please AMEND claims 1, 10, and 13 as shown below. 

1. (Currently Amended) A network switch for network communications, said 
network switch comprising: 

a first data port interface, said first data port interface supporting a plurality of data 
ports transmitting and receiving data at a first data rate; 

a second data port interface, said second data port interface supporting a plurality 
of data ports transmitting and receiving data at a second data rate; 

a CPU interface, said CPU interface configured to communicate with a CPU; 

an internal memory, said internal memory communicating with said first data port 
interface and said second data port interface; 

a memory management unit, said memory management unit including an external 
memory interface for communicating data from at least one of said first data port 
interface and said second data port interface and an external memory; 

a communication channel, communicating data and messaging information 
between said first data port interface, said second data port interface, the CPU interface, 
said internal memory, and said memory management unit; 

wherein one data port interface of said first data port interface and said second 
data port interface comprises a fast filtering processor, said fast filtering processor 



filtering the data coming into the one data port interface, and taking selective filter action 
based upon a filtering result, and 

wherein said one data port interface further comprises a flow monitor for 
monitoring flows of data through the network switch, where a flow of said flows of data 
is defined by a combination of a source address and a destination address for a portion of 
the data passing through the network switch , and 

wherein monitoring flows of data comprises associating a particular packet with a 
previously identified flow if the particular packet has both the source address and the 
destination address of the previously identified flow . 

2. (Original) A network switch as recited in claim 1, wherein said fast filtering 
processor is programmable by inputs from the CPU through the CPU interface. 

3. (Original) A network switch as recited in claim 1, wherein said one data port 
interface includes a rules table interface and an indexed rules table thereupon, and 
wherein said fast filtering processor applies a filter mask to a packet incoming thereto, 
providing a filter result, wherein said filter result is applied to predetermined rules in said 
indexed rules table, and wherein action is taken on the packet and said flows of data are 
updated based upon the filtering result. 



4. (Original) A network switch as recited in claim 3, wherein said first data port 
interface, second data port interface, CPU interface, internal memory, memory 
management unit, communications channel, fast filtering processor, and said rules table 
are implemented on a common semiconductor substrate. 

5. (Original) A network switch as recited in claim 4, wherein said fast filtering 
processor includes a set of exclusive filter masks and inclusive filter masks therein, 
wherein said exclusive filter masks are configured to exclude all packets except packets 
with which there is a match with the filter result. 

6. (Original) A network switch as recited in claim 4, wherein said fast filtering 
processor includes filter masks which filter ingress port fields, egress port fields, and 
filter select fields of an incoming packet. 

7. (Original) A network switch as recited in claim 6, wherein the indexed rules 
table includes filter value fields for filter result look-up, ingress port fields, egress port 
fields, filter select fields, action bit fields, priority bit fields, type-of-services fields, and 
output port fields. 



8. (Original) A network switch as recited in claim 7, wherein the indexed rules 
table is indexed by values obtained from lookups of the source and destination addresses 
for the incoming packet. 

9. (Original) A network switch as recited in claim 1, wherein the fast filtering 
processor filters the packets independent of the CPU interface, and therefore without 
communicating with the CPU. 

10. (Currently Amended) A method of handling data packets in a network switch, 
said method comprising: 

placing incoming packets into an input queue; 

applying the input data packets to an address resolution logic engine; 

performing a lookup to determine whether certain packet fields are stored in a 
lookup table and determining index values for the input data packets; 

filtering the incoming packet through a fast filtering processor in order to 
determine what specific actions should be taken to modify the packet for further 
handling; and 

discarding, forwarding, or modifying the packet based upon the filtering; 
wherein said index values are used by the fast filtering processor to rapidly find an 
indexed specific action of said specific actions. 



wherein said index values are used by the fast filtering processor to associate a 
particular packet with a previously identified flow if the particular packet has both the 
source address and the destination address of the previously identified flow . 

11. (Original) A method as recited in claim 10 5 wherein said step of determining 
index values for the input data packets is based upon lookups of a source address and a 
destination address for the input data packet. 

12. (Original) A method as recited in claim 11, wherein said source and 
destination addresses for the input data packet are related to a flow and said filtering step 
further comprises monitoring flows of data through the network switch. 

13. (Currently Amended) A network switch for handling data packets comprising: 
means for placing incoming packets into an input queue; 

means for applying the input data packets to an address resolution logic engine; 

means performing a lookup to determine whether certain packet fields are stored 
in a lookup table and means for determining index values for the input data packets; 

means for filtering the incoming packet through a fast filtering processor in order 
to determine what specific actions should be taken to modify the packet for further 
handling; and 
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means for discarding, forwarding, or modifying the packet based upon the 
filtering; 

wherein said index values are used by the fast filtering processor to rapidly find an 
indexed specific action of said specific actions^ 

wherein said index values are used by the fast filtering processor to associate a 
particular packet with a previously identified flow if the particular packet has both the 
source address and the destination address of the previously identified flow . 

14. (Original) A network switch as recited in claim 13, wherein said means for 
determining index values for the input data packets comprises means for performing 
lookups of a source address and a destination address for the input data packet. 

15. (Original) A network switch as recited in claim 13, wherein said source and 
destination addresses for the input data packet are related to a flow and said means for 
filtering further comprises means for monitoring flows of data through the network 
switch. 
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